OSEC

From: spaceork (spaceorkdhp.com)
Date: Mon Apr 08 2002 - 21:16:41 CDT

    On Mon, 8 Apr 2002, Ryan Russell wrote:

    > Any recommendations for which tools are best for extracting a binary file
    > from a group of TCP packets, preferably in tcpdump format? I'm just
    > about to try tcpflow:
    > http://www.circlemud.org/~jelson/software/tcpflow/
    > But I'd also like to hear from others on what tools they have tried, and
    > what the various strengths and weaknesses are.

    For this task, my tool of choice is ethereal. Using the "follow tcp
    stream" option on the connection where data was passed (i.e. ftp) will
    piece together the binary file for you. Not to mention it's also a great
    sniffer and traffic analysis tool.

    www.ethereal.com

            -spaceork

    "To hell with the future! Let's get on with the past!"
    -------------------------------------------------------------------------------
    spaceorkdhp.com
    http://www.dhp.com/~spaceork
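
The reassembly step that a stream-following tool performs, shown as an added example (not part of the original post and not Ethereal's code): it reads a classic pcap file in tcpdump format, orders one direction's TCP segments by sequence number, and returns the payload. The ports, addresses and capture in `sample_pcap` are constructed, and the code assumes Ethernet framing, IPv4 and a single connection matching the port pair.

```python
import struct

def extract_stream(pcap, sport, dport):
    """Return the bytes sent from TCP port sport to dport, in sequence order."""
    end = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap[:4])
    if end is None or struct.unpack(end + "I", pcap[20:24])[0] != 1:
        raise ValueError("expected a classic pcap file with Ethernet framing")
    segments, isn, off = {}, None, 24
    while off + 16 <= len(pcap):
        incl = struct.unpack(end + "I", pcap[off + 8:off + 12])[0]
        frame, off = pcap[off + 16:off + 16 + incl], off + 16 + incl
        if len(frame) < 54 or frame[12:14] != b"\x08\x00" or frame[23] != 6:
            continue                      # not IPv4 carrying TCP
        ihl = (frame[14] & 0x0F) * 4
        tcp = frame[14 + ihl:14 + struct.unpack("!H", frame[16:18])[0]]  # drops padding
        if len(tcp) < 20 or struct.unpack("!HH", tcp[:4]) != (sport, dport):
            continue
        seq = struct.unpack("!I", tcp[4:8])[0]
        if tcp[13] & 0x02:                # SYN consumes one sequence number
            isn = (seq + 1) & 0xFFFFFFFF
        data = tcp[(tcp[12] >> 4) * 4:]
        if len(data) > len(segments.get(seq, b"")):
            segments[seq] = data          # keep the longest copy seen at this seq
    if not segments:
        return b""
    if isn is None:                       # capture started mid-connection
        isn = min(segments)
    out = bytearray()
    for seq in sorted(segments, key=lambda s: (s - isn) & 0xFFFFFFFF):
        rel = (seq - isn) & 0xFFFFFFFF
        if rel > len(out):
            raise ValueError("gap at offset %d: segment missing from capture" % len(out))
        out += segments[seq][len(out) - rel:]   # skip bytes already written (overlap)
    return bytes(out)

def sample_pcap():
    """Constructed capture: a SYN, then data segments out of order with one duplicate."""
    def pkt(seq, flags, data=b""):
        tcp = struct.pack("!HHIIBBHHH", 20, 1042, seq, 0, 0x50, flags, 8192, 0, 0) + data
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0,
                         bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))
        frame = b"\x00" * 12 + b"\x08\x00" + ip + tcp
        return struct.pack("<IIII", 0, 0, len(frame), len(frame)) + frame
    hdr = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    return hdr + pkt(999, 0x02) + pkt(1004, 0x18, b"\x00\x01\x02") + \
        pkt(1000, 0x18, b"\x7fELF") + pkt(1000, 0x18, b"\x7fELF") + pkt(1007, 0x11, b"\xff")
```

Calling `extract_stream(sample_pcap(), 20, 1042)` returns the eight payload bytes in order; a capture with a lost segment raises instead of silently producing a corrupt file.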
